* Sat May 28 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-3

- Add Ivan's patch for user role changes in genhomedircon
This commit is contained in:
Daniel J Walsh 2005-05-28 05:29:19 +00:00
parent 6124877e2e
commit ee898f2f7e
2 changed files with 41 additions and 3 deletions

View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-1.23.11/load_policy/load_policy.c diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-1.23.11/load_policy/load_policy.c
--- nsapolicycoreutils/load_policy/load_policy.c 2005-04-14 07:22:16.000000000 -0400 --- nsapolicycoreutils/load_policy/load_policy.c 2005-04-14 07:22:16.000000000 -0400
+++ policycoreutils-1.23.11/load_policy/load_policy.c 2005-05-26 10:49:44.000000000 -0400 +++ policycoreutils-1.23.11/load_policy/load_policy.c 2005-05-28 01:25:28.000000000 -0400
@@ -103,7 +103,7 @@ @@ -103,7 +103,7 @@
if (errno == ENOENT || errno == EINVAL) { if (errno == ENOENT || errno == EINVAL) {
/* No booleans file or stale booleans in the file; non-fatal. */ /* No booleans file or stale booleans in the file; non-fatal. */
@ -30,7 +30,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.
exit(2); exit(2);
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.23.11/newrole/newrole.c diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.23.11/newrole/newrole.c
--- nsapolicycoreutils/newrole/newrole.c 2005-05-20 13:15:12.000000000 -0400 --- nsapolicycoreutils/newrole/newrole.c 2005-05-20 13:15:12.000000000 -0400
+++ policycoreutils-1.23.11/newrole/newrole.c 2005-05-26 08:46:35.000000000 -0400 +++ policycoreutils-1.23.11/newrole/newrole.c 2005-05-28 01:25:28.000000000 -0400
@@ -198,6 +198,11 @@ @@ -198,6 +198,11 @@
result = 0; /* user authenticated OK! */ result = 0; /* user authenticated OK! */
} }
@ -43,3 +43,38 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policy
/* We're done with PAM. Free `pam_handle'. */ /* We're done with PAM. Free `pam_handle'. */
pam_end( pam_handle, PAM_SUCCESS ); pam_end( pam_handle, PAM_SUCCESS );
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.23.11/scripts/genhomedircon
--- nsapolicycoreutils/scripts/genhomedircon 2005-04-14 07:22:16.000000000 -0400
+++ policycoreutils-1.23.11/scripts/genhomedircon 2005-05-28 01:26:50.000000000 -0400
@@ -357,16 +357,22 @@
return udict
def getHomeDirContext(self, user, home, role):
- ret="\n\n#\n# Context for user %s\n#\n\n" % user
+ ret="\n\n#\n# Home Context for user %s\n#\n\n" % user
rc=commands.getstatusoutput("grep '^HOME_DIR' %s | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), home, role, user))
return ret + rc[1] + "\n"
+ def getUserContext(self, user, sel_user, role):
+ ret="\n\n#\n# Other Context for user %s\n#\n\n" % user
+ rc=commands.getstatusoutput("grep 'USER' %s | sed -e 's/USER/%s/' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), user, role, sel_user))
+ return ret + rc[1] + "\n"
+
def genHomeDirContext(self):
users = self.getUsers()
ret=""
# Fill in HOME and ROLE for users that are defined
for u in users.keys():
ret += self.getHomeDirContext (u, users[u]["home"], users[u]["role"])
+ ret += self.getUserContext (u, u, users[u]["role"])
return ret+"\n"
def checkExists(self, home):
@@ -428,6 +434,7 @@
ret= self.heading()
for h in self.getHomeDirs():
ret += self.getHomeDirContext ("user_u" , h+'/[^/]*', "user")
+ ret += self.getUserContext(".*", "user_u", "user") + "\n"
ret += self.getHomeRootContext(h)
ret += self.genHomeDirContext()
return ret

View File

@ -3,7 +3,7 @@
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 1.23.11 Version: 1.23.11
Release: 2 Release: 3
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -84,6 +84,9 @@ rm -rf ${RPM_BUILD_ROOT}
%config(noreplace) %{_sysconfdir}/sestatus.conf %config(noreplace) %{_sysconfdir}/sestatus.conf
%changelog %changelog
* Sat May 28 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-3
- Add Ivan's patch for user role changes in genhomedircon
* Thu May 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-2 * Thu May 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.11-2
- Fix warning message on reload of booleans - Fix warning message on reload of booleans